Commit Graph

17508 Commits

Author SHA1 Message Date
Andrew Morgan
3f4a2a7064
Hotfix: disable autoescape by default when rendering Jinja2 templates (#8394)
#8037 changed the default `autoescape` option when rendering Jinja2 templates from `False` to `True`. This caused some bugs, noticeably around redirect URLs being escaped in SAML2 auth confirmation templates, causing those URLs to break for users.

This change returns the previous behaviour as it stood. We may want to look at each template individually and see whether autoescaping is a good idea at some point, but for now lets just fix the breakage.
2020-09-24 16:24:08 +01:00
Andrew Morgan
d191dbdaa6 Fix wording of deprecation notice in changelog 2020-09-22 15:42:53 +01:00
Andrew Morgan
012736ff07 Deprecation warning for synapse admin api being accessible under /_matrix 2020-09-22 15:30:44 +01:00
Andrew Morgan
55bb5fda33 1.20.0 2020-09-22 15:18:31 +01:00
Patrick Cloke
c7e060bfee Add a note about including the changes from 1.19.3. 2020-09-18 11:10:59 -04:00
Patrick Cloke
c4e8b18c72 Tweak wording in the changelog. 2020-09-18 10:57:29 -04:00
Patrick Cloke
d5f7182ba1 1.20.0rc5 2020-09-18 10:56:50 -04:00
Patrick Cloke
88e67d1adb 1.19.3
Synapse 1.19.3 (2020-09-18)
 ===========================
 
 Bugfixes
 --------
 
 - Partially mitigate bug where newly joined servers couldn't get past
 events in a room when there is a malformed event.
 ([\#8350](https://github.com/matrix-org/synapse/issues/8350))
 -----BEGIN PGP SIGNATURE-----
 
 iQJHBAABCAAxFiEEgQG31Z317NrSMt0QiISIDS7+X/QFAl9kxN4THGFuZHJld0Bh
 bW9yZ2FuLnh5egAKCRCIhIgNLv5f9LznEACSm7ZL0GjVDcDjGEu+QjKIi3KUiFq3
 i8EXEZWT3w5NNNER0Jey5BHxaBKtnPsvon0k3U4bp5KKOA6BGa9L4NDGZYJa3p0k
 A1uc3DCgGG1aVazpIzfhWRA0va13T+zRKdz52GdjzksH0WGl6w3UoJhloWOmHyxz
 K4UxGwOqJMSBxseBHOFcXdomPtsNYUqsrOcZYWjh3hWN0GMV6H+WrcbKVYl49V0F
 6aVHuaxit35iAGYER41mnTA34ZNuC1Qkp83mAaE+Z8i39qBWPMRErUNAyZQ/mCKz
 QrF98p7F2kFgSzDagtZiUPZj3w3XwfZf05bqnyd9cxBEQdIYFLAL0lokEXcoY1os
 q7gKwGuwicuvYEQrt+gSFlkoUaSvy7/b4cmFqvT0NGnBNZoYl6MX4MXP2CNHuaFk
 yljZoTecKEmhInY10S4uy+Hp0JNHuZWEOYGKy7CrQaqRo8MhBLk5LWBPjUOayPLP
 uvDNv6MShQ8SpCiKvsoCBiX9G3LEo1yHPo5oX57nOr+IHawH0PPkXVKL3b+K+7s0
 eXah/9n/wQYO5K+ReqTFd9ZCegN0/hW/NAT9aX/gEYASkS4ANvGALWwXbZSOG5IG
 2glXiewbJSOaVutPRpIVI3XGDSdm3/8VpO+cAKotZ+pR1V6nsxtVwLRmAhxqhNFD
 3AULCLMt2yKzDw==
 =a9VC
 -----END PGP SIGNATURE-----

Merge tag 'v1.19.3' into release-v1.20.0

1.19.3

Synapse 1.19.3 (2020-09-18)
===========================

Bugfixes
--------

- Partially mitigate bug where newly joined servers couldn't get past
events in a room when there is a malformed event.
([\#8350](https://github.com/matrix-org/synapse/issues/8350))
2020-09-18 10:53:01 -04:00
Andrew Morgan
5b70acb44c 1.19.3 2020-09-18 15:00:07 +01:00
Andrew Morgan
27c1abc7b8
Use _check_sigs_and_hash_and_fetch to validate backfill requests (#8350)
This is a bit of a hack, as `_check_sigs_and_hash_and_fetch` is intended
for attempting to pull an event from the database/(re)pull it from the
server that originally sent the event if checking the signature of the
event fails.

During backfill we *know* that we won't have the event in our database,
however it is still useful to be able to query the original sending
server as the server we're backfilling from may be acting maliciously.

The main benefit and reason for this change however is that
`_check_sigs_and_hash_and_fetch` will drop an event during backfill if
it cannot be successfully validated, whereas the current code will
simply fail the backfill request - resulting in the client's /messages
request silently being dropped.

This is a quick patch to fix backfilling rooms that contain malformed
events. A better implementation in planned in future.
2020-09-18 14:51:11 +01:00
Erik Johnston
43f2b67e4d
Intelligently select extremities used in backfill. (#8349)
Instead of just using the most recent extremities let's pick the
ones that will give us results that the pagination request cares about,
i.e. pick extremities only if they have a smaller depth than the
pagination token.

This is useful when we fail to backfill an extremity, as we no longer
get stuck requesting that same extremity repeatedly.
2020-09-18 14:25:52 +01:00
Patrick Cloke
9db4c1b175
Add flags to /versions about whether new rooms are encrypted by default. (#8343) 2020-09-18 07:56:20 -04:00
Erik Johnston
14b5b48a22
Fix ratelimiting for federation /send requests. (#8342)
c.f. #8295 for rationale
2020-09-18 10:49:29 +01:00
Matthew Hodgson
ad055ea4cc blacklist MSC2753 sytests until it's implemented in synapse (#8285)
Dendrite's implementing MSC2753 over at https://github.com/matrix-org/dendrite/pull/1370 to prove the implementation for MSC purposes, and so sytest has sprouted tests for it over at https://github.com/matrix-org/sytest/pull/944. But we don't want them to run on synapse until synapse implements it.
2020-09-17 14:02:20 -04:00
Patrick Cloke
7141057e85 1.20.0rc4 2020-09-16 08:54:30 -04:00
Patrick Cloke
ab165994db Merge remote-tracking branch 'origin/master' into release-v1.20.0 2020-09-16 08:52:21 -04:00
Erik Johnston
5ffd68dca1 1.19.2 2020-09-16 13:37:03 +01:00
Erik Johnston
9c8ef134fe Merge branch 'erikj/fix_origin_check' into release-v1.20.0 2020-09-16 12:42:42 +01:00
Erik Johnston
f1c9ded738 Merge branch 'erikj/fix_origin_check' into release-v1.19.2 2020-09-16 12:40:58 +01:00
Erik Johnston
97659b7489 Newsfile 2020-09-16 12:05:01 +01:00
Erik Johnston
c570f24acc Don't assume that an event has an origin field
This fixes #8319.
2020-09-16 11:56:23 +01:00
Patrick Cloke
08837bb58c Clarify changelog. 2020-09-11 08:21:57 -04:00
Patrick Cloke
2832ef5bb7 1.20.0rc3 2020-09-11 08:14:15 -04:00
Patrick Cloke
b86764662b
Fix the exception that is raised when invalid JSON is encountered. (#8291) 2020-09-10 14:55:25 -04:00
Andrew Morgan
192e98111d
Remove shared rooms info from upgrade/workers doc as it's still experimental (#8290) 2020-09-10 13:08:08 +01:00
Richard van der Hoff
536f4a2482 1.20.0rc2 2020-09-09 17:08:33 +01:00
Brendan Abolivier
d4daff9b59
Fix /notifications and pushers misbehaving because of unread counts (#8280) 2020-09-08 15:26:06 +01:00
Richard van der Hoff
6d01eb0c74 fix typo 2020-09-08 13:27:07 +01:00
Richard van der Hoff
bbe2e6b38b s/fixes/fix/ 2020-09-08 13:05:06 +01:00
Richard van der Hoff
525efab612 1.20.0rc1 2020-09-08 12:58:37 +01:00
Richard van der Hoff
ad28030c12
Systemd docs: configure workers to start after main process. (#8276) 2020-09-08 10:57:43 +01:00
Brendan Abolivier
d8762cc116
Only add rows to the push actions table if the event notifies or should be marked unread (#8274) 2020-09-07 16:56:27 +01:00
Richard van der Hoff
ef2804d27c
Avoid table-scanning users at startup (#8271)
This takes about 10 seconds in the best case; often more.
2020-09-07 16:48:52 +01:00
Brendan Abolivier
a55e2707d7
Fix unread count failing on NULL values (#8270)
Fix unread counts making sync fail if the value of the `unread_count`
column in `event_push_summary` is `None`.
2020-09-07 15:15:06 +01:00
Richard van der Hoff
0dae7d80bf
Add more logging to debug slow startup (#8264)
I'm hoping this will provide some pointers for debugging
https://github.com/matrix-org/synapse/issues/7968.
2020-09-07 13:36:02 +01:00
Richard van der Hoff
96312536f2
Refuse to upgrade database on worker processes (#8266) 2020-09-07 13:04:10 +01:00
Richard van der Hoff
f25af1f9c7
Add cross-signing sigs to the keys object (#8234)
All the callers want this info in the same place, so let's reduce the
duplication by doing it here.
2020-09-04 15:06:05 +01:00
Brendan Abolivier
041ee971c9
Unread counts fixes (#8254)
* Fixup `ALTER TABLE` database queries

Make the new columns nullable, because doing otherwise can wedge a
server with a big database, as setting a default value rewrites the
table.

* Switch back to using the notifications count in the push badge

Clients are likely to be confused if we send a push but the badge count
is the unread messages one, and not the notifications one.

* Changelog
2020-09-04 14:14:22 +01:00
Patrick Cloke
db7de4d182
Fix a regression from calling read_templates. (#8252)
Regressed in #8037.
2020-09-04 09:10:33 -04:00
reivilibre
e351298444
Fix type signature in simple_select_one_onecol and friends (#8241)
Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>
2020-09-04 12:02:29 +01:00
Patrick Cloke
c619253db8
Stop sub-classing object (#8249) 2020-09-04 06:54:56 -04:00
Brendan Abolivier
9f8abdcc38
Revert "Add experimental support for sharding event persister. (#8170)" (#8242)
* Revert "Add experimental support for sharding event persister. (#8170)"

This reverts commit 82c1ee1c22.

* Changelog
2020-09-04 10:19:42 +01:00
Erik Johnston
be16ee59a8
Add type hints to more handlers (#8244) 2020-09-03 22:02:29 +01:00
reivilibre
4535e849d7
Remove obsolete order field in send_new_transaction (#8245)
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
2020-09-03 19:23:07 +01:00
Richard van der Hoff
f97f9485ee
Split fetching device keys and signatures into two transactions (#8233)
I think this is simpler (and moves stuff out of the db threads)
2020-09-03 18:27:26 +01:00
Erik Johnston
208e1d3eb3
Fix typing for @cached wrapped functions (#8240)
This requires adding a mypy plugin to fiddle with the type signatures a bit.
2020-09-03 15:38:32 +01:00
Patrick Cloke
15c35c250c Remove useless changelog about reverting a #8239. 2020-09-03 09:47:41 -04:00
Patrick Cloke
2aa127c207
Revert pinning of setuptools (#8239) 2020-09-03 09:45:36 -04:00
Erik Johnston
5bfc79486d
Fix typing for SyncHandler (#8237) 2020-09-03 12:54:10 +01:00
Richard van der Hoff
6f6f371a87
wrap _get_e2e_device_keys_and_signatures_txn in a non-txn method (#8231)
We have three things which all call `_get_e2e_device_keys_and_signatures_txn`
with their own `runInteraction`. Factor out the common code.
2020-09-03 11:50:49 +01:00